Compatibility of rsa.js and rsa.php
I have a web site and I'm trying to make my forms secure. I've done some research and even though I'm not a programmer, I'm authenticating users via a home-made challenge-response mechanism and I'm encrypting form values using AES encryption from the mcrypt library. All good so far. Except that my AES password needs to be sent from client to server... securely. I thought that RSA would do the trick. So I've downloaded phpseclib, and I've successfully encrypted/decrypted on the server side. Now, I needed client-side code to encrypt with RSA. I've used this library here: http://www.ohdave.com/rsa/.
Now... here's my problem.
- I generate a pair of keys in php using phpseclib.
- I extract the private exponent, the public exponent and the modulus (public).
- I send the public exponent and modulus (public) to the javascript.
include('Scripts/phpseclib/Crypt/RSA.php');
require_once('Scripts/phpseclib/Math/BigInteger.php');
session_start();

$rsa = new Crypt_RSA();
// createKey() returns an array; extract() turns it into $privatekey and $publickey
extract($rsa->createKey(512));

// _parseKey() is an internal phpseclib method, used here to reach the raw key components
$priv = $rsa->_parseKey($privatekey, CRYPT_RSA_PRIVATE_FORMAT_PKCS1);
$privExp = $priv['privateExponent']->toHex();
$pubExp = $priv['publicExponent']->toHex();
$pubMod = $priv['modulus']->toHex();

$rsa->setEncryptionMode(CRYPT_RSA_ENCRYPTION_PKCS1);
$_SESSION['privatekey'] = $privatekey;
$_SESSION['publickey'] = $publickey;
The JavaScript generates a random number which will become the password that I will further use for AES encryption.
The JavaScript will use the public exponent and the modulus (public) sent from PHP on the server in order to encrypt the randomly generated string in JavaScript (that will become the AES key), and will send it back to the PHP server for decryption.
<script type="text/javascript">
password = random();
key = new RSAKeyPair(
"<?php echo $pubExp; ?>",
"",
"<?php echo $pubMod; ?>"
);
x = encryptedString(key,password);
y = decryptedString(key,x);
document.write(" text cryptat = "+x);
document.write(" text decryptat = "+y);
window.location = "rsa.php?text="+x;
</script>
The PHP server will receive the encrypted string and, using the private exponent generated from the start, will be able to decrypt the AES key (randomly generated by the client-side JavaScript), thus generating a key agreement between client and server without outside intervention.
PROBLEM: The JavaScript encrypts the random string... but not with PKCS#1 v1.5... phpseclib accepts only PKCS#1 v1.5 padding, so the PHP script is unable to decrypt correctly.
Please help me with finding or modifying the JavaScript in order to output to the PHP script the encrypted string in the PKCS#1 v1.5 format that it expects.
Comments (1)
phpseclib does OAEP padding by default. Here's a demo of making javascript interoperable with that:
http://www.frostjedi.com/terra/dev/rsa/index.php
Here's a website that does PKCS#1 padding in javascript:
http://www-cs-students.stanford.edu/~tjw/jsbn/rsa.html
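To make the padding mismatch in the question concrete, here is an added example (not code from the post, from phpseclib, or from either JavaScript library) of the block a PKCS#1 v1.5 decryptor expects and of the check it applies after the private-key operation. All function names are hypothetical, and the key is assumed to be passed in as BigInt values, e.g. `BigInt("0x" + pubMod)`.

```javascript
// EME-PKCS1-v1_5 (RFC 8017, 7.2.1): EM = 0x00 || 0x02 || PS || 0x00 || M, len(EM) = len(n).
// PS is at least 8 random NON-ZERO bytes, so the same M gives a different block each time.
const webRandom = (len) => globalThis.crypto.getRandomValues(new Uint8Array(len));

function pkcs1v15Pad(msg, k, rng = webRandom) {
  if (msg.length > k - 11) throw new RangeError("message too long for this modulus");
  const em = new Uint8Array(k);               // em[0] stays 0x00
  em[1] = 0x02;                               // block type 2: public-key encryption
  const sep = k - msg.length - 1;             // index of the 0x00 separator
  for (let i = 2; i < sep; ) {
    for (const b of rng(sep - i)) if (b !== 0 && i < sep) em[i++] = b; // skip zeros, refill
  }
  em.set(msg, sep + 1);
  return em;
}

// Receiver-side check: header bytes, at least 8 bytes of PS, then the 0x00 separator.
// Production decryptors do this in constant time; this illustration does not.
function pkcs1v15Unpad(em) {
  const sep = em.indexOf(0, 2);
  if (em[0] !== 0 || em[1] !== 2 || sep < 10) throw new Error("decryption error");
  return em.slice(sep + 1);
}

const toBig = (bytes) => bytes.reduce((acc, b) => (acc << 8n) | BigInt(b), 0n);
const toBytes = (x, k) =>
  Uint8Array.from(x.toString(16).padStart(2 * k, "0").match(/../g), (h) => parseInt(h, 16));
const byteLen = (n) => Math.ceil(n.toString(16).length / 2);

function modPow(base, exp, mod) {
  let r = 1n;
  for (base %= mod; exp > 0n; exp >>= 1n, base = (base * base) % mod) {
    if (exp & 1n) r = (r * base) % mod;
  }
  return r;
}

// msg is a Uint8Array (e.g. the random AES key bytes); e, d, n are BigInt.
function rsaEncryptPkcs1(msg, e, n, rng) {
  const k = byteLen(n);
  return modPow(toBig(pkcs1v15Pad(msg, k, rng)), e, n).toString(16).padStart(2 * k, "0");
}

function rsaDecryptPkcs1(cHex, d, n) {
  return pkcs1v15Unpad(toBytes(modPow(BigInt("0x" + cHex), d, n), byteLen(n)));
}
```

The ciphertext is returned as fixed-length hex (two characters per modulus byte); a block that lacks the `00 02` header, such as the output of unpadded RSA, fails the check in `pkcs1v15Unpad`.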